Charlie Sheen is one sick puppy and other Facebook scams

Filed Under: Celebrities, Clickjacking, Facebook, Malware, Nude Celebrities, Social networks, Spam

It was only a matter of time, as my colleague Graham mentioned in his last post on Naked Security. For people who are following Charlie Sheen's insanity, the meme has spawned its own Facebook attack.

Facebook Charlie Sheen wall post

The messages the malicious application posts to your wall read:

Facebook Charlie Sheen spams

"Charlie Sheen is one Sick Puppy, ADULTS ONLY GUYS!! This is his first attempt at Homemade Sex Action! http://BAD URL"

"Just when you thought Charlie Sheen Couldn't go any lower(or Higher), the sicko surpasses all our Expectations!"

"Holy Sh*t - Charlie Sheen $ex Tape Released by Ex-Wife! - ADULTS ONLY!!
Charlie Sheen in his best Performance yet!
Charlie Sheen has turned to another addiction, and he takes it to the limit. ADULTS ONLY!!!"

These spam links lead to the typical Facebook survey scams.

Charlie Sheen sex video scamIf you add the application you are directed to a video player that resembles YouTube, where you receive a survey scam popup. This is one of the first ones I have seen that eventually directs you to a real video.

The video you are sent to is a spoof from break.com that makes fun of Sheen by dubbing his voice over a fake sex video. Like the others we blog about, you need to remove the application to prevent it from posting to your wall and spamming itself out to all of your friends.

The number of attacks on Facebook in the last 36 hours seems to be spiralling out of control. I am genuinely overwhelmed with the number of scams being reported to us, so I will quickly debrief you on some of the more popular ones spreading on Facebook now.

The most dangerous of these scams is one I wrote about early in January. It pretends to be a photo album and spreads through Facebook chat. It eventually infects your computer with the W32/Palevo malware and begins to chat with your friends post-infection. It currently is sending chat messages that read, "you look so pretty on this picture http://BAD URL".

Another very popular scam this weekend is one that posts, "Even The Hottest Chicks Have Accidents! You have GOT to see this now!!" It appears to be a video player and is another likejacking attack. Over 40,000 people have fallen victim to this attack so far.

Hot Girls fail

Germans are being targeted as well. One Naked Security reader reported a scam about a Frenchman beating his wife. It reads "OMG! Guten Morgen Schatz geht voll daneben. Franzose schlägt seine Frau K.O! :D :D!" and is another likejacking page. This one has hit over 11,000 Facebook users so far.

The Italian Facebook community need not feel left out. This Facebook likejacking page is spamming out the message "[VIDEO REALE] Una ragazza SEXY si SPOGLIA in cam e... guarda cosa succede!!", in which the lure seems to be a girl undressing. Over 95,000 Facebook users have been tricked by this attack.

These aren't the only scams going around. Many of attackers' old favorites are back, like Justin Bieber and Miley Cyrus.

To keep on top of all the latest tricks attacking Facebook users join our page, or follow the Naked Security RSS feed. Visit our Facebook best practices page for our recommendations for maintaining your privacy on Facebook.

, , , , , , ,

You might like

One Response to Charlie Sheen is one sick puppy and other Facebook scams

  1. david56543 · 1140 days ago

    meme? how is this guy a meme :S

    i think you need to learn what a meme actually is....

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.